[PHPLIB-DEV] cvs commit From: kk (phplib-dev <email protected>)
Date: 10/29/99

From: kk
Date: Fri Oct 29 15:55:44 1999
Modified files:
      php-lib/CHANGES
      php-lib/php/crcloginform.ihtml
      php-lib/php/crloginform.ihtml
      php-lib/php/local.inc

Log message:
Some fixes.

Index: php-lib/CHANGES
diff -u php-lib/CHANGES:1.128 php-lib/CHANGES:1.129
--- php-lib/CHANGES:1.128 Fri Oct 29 14:10:25 1999
+++ php-lib/CHANGES Fri Oct 29 15:55:12 1999
@@ -1,4 +1,4 @@
-$Id: CHANGES,v 1.128 1999/10/29 12:10:25 negro Exp $
+$Id: CHANGES,v 1.129 1999/10/29 13:55:12 kk Exp $
 
 29-Oct-1999 negro
   - Corrected a piece of example code in doc in order to use addslashes.
@@ -7,6 +7,10 @@
   - Ok, Massimiliano, try this one. A complete Example_Auth class
     featuring reg and log mode and transparent switching between
     both.
+ - Must not use $username cookie, name clash.
+ - Fixed crloginform.ihtml and crcloginform.ihtml with respect to
+ error handling. Did not prepare them for reg handling to keep
+ the code clear - Auth is already difficult enough to understand.
   - Documentation fix re magic_quotes.
 
 29-Oct-1999 at
Index: php-lib/php/crcloginform.ihtml
diff -u php-lib/php/crcloginform.ihtml:1.2 php-lib/php/crcloginform.ihtml:1.3
--- php-lib/php/crcloginform.ihtml:1.2 Sat May 1 06:35:20 1999
+++ php-lib/php/crcloginform.ihtml Fri Oct 29 15:55:13 1999
@@ -26,7 +26,7 @@
     td { font-family: Arial, Helvetica, sans-serif }
   -->
   </style>
-<script language="javascript" src="/session/md5.js"></script>
+<script language="javascript" src="/md5.js"></script>
 <script language="javascript">
 <!--
   function doChallengeResponse() {
@@ -67,19 +67,20 @@
  </tr>
 </table>
 
- <?php global $username; if ( isset($username) ): ?>
+ <?php if ($this->auth["error"]): ?>
  <!-- failed login code -->
 
  <p>
  <table>
   <tr>
- <td colspan=2><font color=red><b>Either your username or your password
- are invalid.<br>
- Please try again!</b></font></td>
+ <td colspan=2><font color=red><b><?php print $this->auth["error"]; ?></b></font></td>
   </tr>
  </table>
 
- <?php endif ?>
+ <?php
+ $this->auth["error"] = "";
+ endif;
+ ?>
 
 </table>
 
Index: php-lib/php/crloginform.ihtml
diff -u php-lib/php/crloginform.ihtml:1.3 php-lib/php/crloginform.ihtml:1.4
--- php-lib/php/crloginform.ihtml:1.3 Sat May 1 06:35:01 1999
+++ php-lib/php/crloginform.ihtml Fri Oct 29 15:55:13 1999
@@ -14,7 +14,7 @@
   knows that the client cannot do JS. The user can still be
   authenticated, but the password is visible on the network.
 
- $Id: crloginform.ihtml,v 1.3 1999/05/01 04:35:01 athompso Exp $
+ $Id: crloginform.ihtml,v 1.4 1999/10/29 13:55:13 kk Exp $
 -->
 <html>
 <head>
@@ -25,7 +25,7 @@
     td { font-family: Arial, Helvetica, sans-serif }
   -->
   </style>
-<script language="javascript" src="/session/md5.js"></script>
+<script language="javascript" src="/md5.js"></script>
 <script language="javascript">
 <!--
   function doChallengeResponse() {
@@ -66,19 +66,20 @@
  </tr>
 </table>
 
- <?php global $username; if ( isset($username) ): ?>
+ <?php if ($this->auth["error"]): ?>
  <!-- failed login code -->
 
  <p>
  <table>
   <tr>
- <td colspan=2><font color=red><b>Either your username or your password
- are invalid.<br>
- Please try again!</b></font></td>
+ <td colspan=2><font color=red><b><?php print $this->auth["error"] ?></b></font></td>
   </tr>
  </table>
 
- <?php endif ?>
+ <?php
+ $this->auth["error"] = "";
+ endif;
+ ?>
 
 </table>
 
Index: php-lib/php/local.inc
diff -u php-lib/php/local.inc:1.30 php-lib/php/local.inc:1.31
--- php-lib/php/local.inc:1.30 Fri Oct 29 13:32:49 1999
+++ php-lib/php/local.inc Fri Oct 29 15:55:13 1999
@@ -5,7 +5,7 @@
  * Copyright (c) 1998,1999 NetUSE GmbH
  * Boris Erdmann, Kristian Koehntopp
  *
- * $Id: local.inc,v 1.30 1999/10/29 11:32:49 kk Exp $
+ * $Id: local.inc,v 1.31 1999/10/29 13:55:13 kk Exp $
  *
  * All functions in this file are example classes, which can be used
  * by your application to get you going. Once you get the hang of it,
@@ -123,7 +123,6 @@
       $this->auth["uname"]=$username; ## This provides access for "loginform.ihtml"
     }
     
-
     $uid = false;
     
     $this->db->query(sprintf("select user_id, perms ".
@@ -140,6 +139,8 @@
     }
     if ($uid == false)
       $this->auth["error"] = "Either your username or password are invalid.<br>Please try again.";
+ else
+ SetCookie("auth_username", $username, pow(2, 31)-1, "/");
 
     return $uid;
   }
@@ -147,8 +148,8 @@
   function auth_preauth() {
     global $HTTP_COOKIE_VARS;
     
- if ($HTTP_COOKIE_VARS["username"]) {
- $this->auth["uname"] = $HTTP_COOKIE_VARS["username"];
+ if ($HTTP_COOKIE_VARS["auth_username"]) {
+ $this->auth["uname"] = $HTTP_COOKIE_VARS["auth_username"];
       $this->mode = "log";
     }
     return false;
@@ -215,7 +216,7 @@
     $this->db->query($query);
 
     ## Set a cookie to remember the username.
- SetCookie("username", $username, pow(2, 31)-1, "/");
+ SetCookie("auth_username", $username, pow(2, 31)-1, "/");
 
     ## log in that new user. The new user has no permissions.
     ## If the user should have permissions, you put them
@@ -282,6 +283,7 @@
     ## True when JS is disabled
     if ($response == "") {
       if ($password != $pass) {
+ $this->auth["error"] = "Either your username or password are invalid.<br>Please try again.";
         return false;
       } else {
         $this->auth["perm"] = $perm;
@@ -291,6 +293,7 @@
     
     ## Response is set, JS is enabled
     if ($exspected_response != $response) {
+ $this->auth["error"] = "Either your username or password are invalid.<br>Please try again.";
       return false;
     } else {
       $this->auth["perm"] = $perm;
@@ -344,6 +347,7 @@
     ## True when JS is disabled
     if ($response == "") {
       if (md5($password) != $pass) { ## md5 hash for non-JavaScript browsers
+ $this->auth["error"] = "Either your username or password are invalid.<br>Please try again.";
         return false;
       } else {
         $this->auth["perm"] = $perm;
@@ -353,6 +357,7 @@
     
     ## Response is set, JS is enabled
     if ($exspected_response != $response) {
+ $this->auth["error"] = "Either your username or password are invalid.<br>Please try again.";
       return false;
     } else {
       $this->auth["perm"] = $perm;

-
PHPLIB Developers Mailing List. Send messages to <phplib-dev <email protected>>.
To unsubscribe, send "unsubscribe" to <phplib-dev-request <email protected>> in
the body, not the subject, of your message.